diff --git a/flake.lock b/flake.lock index 729a403..217550c 100644 --- a/flake.lock +++ b/flake.lock @@ -10,11 +10,11 @@ "systems": "systems" }, "locked": { - "lastModified": 1707830867, - "narHash": "sha256-PAdwm5QqdlwIqGrfzzvzZubM+FXtilekQ/FA0cI49/o=", + "lastModified": 1714136352, + "narHash": "sha256-BtWQ2Th/jamO1SlD+2ASSW5Jaf7JhA/JLpQHk0Goqpg=", "owner": "ryantm", "repo": "agenix", - "rev": "8cb01a0e717311680e0cbca06a76cbceba6f3ed6", + "rev": "24a7ea390564ccd5b39b7884f597cfc8d7f6f44e", "type": "github" }, "original": { @@ -33,11 +33,11 @@ ] }, "locked": { - "lastModified": 1709606645, - "narHash": "sha256-yObjAl8deNvx1uIfQn7/vkB9Rnr0kqTo1HVrsk46l30=", + "lastModified": 1714877287, + "narHash": "sha256-mf1/RfkyhzwLLeqU8AdosbBfRQuQzuVMX7XL7GejoRI=", "owner": "hercules-ci", "repo": "arion", - "rev": "d2d48c9ec304ac80c84ede138b8c6f298d07d995", + "rev": "e9945eb6cdaf5c946bacd5a330e7b5ac7b3b2fdd", "type": "github" }, "original": { @@ -77,11 +77,11 @@ }, "locked": { "dir": "pkgs/firefox-addons", - "lastModified": 1712760118, - "narHash": "sha256-jifRWUOGDIPRpYZsBoC7PnnhqEhNmMAnbc+DwNI9Mmo=", + "lastModified": 1714881816, + "narHash": "sha256-RRl1dRNYQf44sMhoDYZgCxIUOsnsToouIfLc00LKUu0=", "owner": "rycee", "repo": "nur-expressions", - "rev": "ba09602a6e94f331ccc617f8d4d3bd93e335c469", + "rev": "0f9e3fa02a77158755a76689a4e7e849c7a3e6e8", "type": "gitlab" }, "original": { @@ -110,11 +110,27 @@ "flake-compat_2": { "flake": false, "locked": { - "lastModified": 1673956053, - "narHash": "sha256-4gtG9iQuiKITOjNQQeQIpoIB6b16fm+504Ch3sNKLd8=", + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", "owner": "edolstra", "repo": "flake-compat", - "rev": "35bb57c0c8d8b62bbfd284272c928ceb64ddbde9", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", + "type": "github" + }, + "original": { + "owner": "edolstra", + "repo": "flake-compat", + "type": "github" + } + }, + "flake-compat_3": { + "flake": false, + "locked": { + "lastModified": 1696426674, + "narHash": "sha256-kvjfFW7WAETZlt09AgDn1MrtKzP7t90Vf7vypd3OL1U=", + "owner": "edolstra", + "repo": "flake-compat", + "rev": "0f9255e01c2351cc7d116c072cb317785dd33b33", "type": "github" }, "original": { @@ -131,11 +147,11 @@ ] }, "locked": { - "lastModified": 1709336216, - "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", + "lastModified": 1714641030, + "narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", + "rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e", "type": "github" }, "original": { @@ -153,11 +169,11 @@ ] }, "locked": { - "lastModified": 1701473968, - "narHash": "sha256-YcVE5emp1qQ8ieHUnxt1wCZCC3ZfAS+SRRWZ2TMda7E=", + "lastModified": 1712014858, + "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "34fed993f1674c8d06d58b37ce1e0fe5eebcb9f5", + "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", "type": "github" }, "original": { @@ -170,11 +186,11 @@ "nixpkgs-lib": "nixpkgs-lib" }, "locked": { - "lastModified": 1709336216, - "narHash": "sha256-Dt/wOWeW6Sqm11Yh+2+t0dfEWxoMxGBvv3JpIocFl9E=", + "lastModified": 1714641030, + "narHash": "sha256-yzcRNDoyVP7+SCNX0wmuDju1NUCt8Dz9+lyUXEI0dbI=", "owner": "hercules-ci", "repo": "flake-parts", - "rev": "f7b3c975cf067e56e7cda6cb098ebe3fb4d74ca2", + "rev": "e5d10a24b66c3ea8f150e47dfdb0416ab7c3390e", "type": "github" }, "original": { @@ -227,6 +243,50 @@ "type": "indirect" } }, + "flake-parts_6": { + "inputs": { + "nixpkgs-lib": [ + "small-nvim", + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1712014858, + "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "flake-parts", + "type": "github" + } + }, + "flake-parts_7": { + "inputs": { + "nixpkgs-lib": [ + "small-nvim", + "neovim-nightly-overlay", + "hercules-ci-effects", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1712014858, + "narHash": "sha256-sB4SWl2lX95bExY2gMFG5HIzvva5AVMJd4Igm+GpZNw=", + "owner": "hercules-ci", + "repo": "flake-parts", + "rev": "9126214d0a59633752a136528f5f3b9aa8565b7d", + "type": "github" + }, + "original": { + "id": "flake-parts", + "type": "indirect" + } + }, "flake-utils": { "locked": { "lastModified": 1629284811, @@ -265,11 +325,29 @@ "systems": "systems_4" }, "locked": { - "lastModified": 1681202837, - "narHash": "sha256-H+Rh19JDwRtpVPAWp64F+rlEtxUWBAQW28eAi3SRSzg=", + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", "owner": "numtide", "repo": "flake-utils", - "rev": "cfacdce06f30d2b68473a46042957675eebb3401", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_4": { + "inputs": { + "systems": "systems_5" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", "type": "github" }, "original": { @@ -280,11 +358,11 @@ }, "hardware": { "locked": { - "lastModified": 1711352745, - "narHash": "sha256-luvqik+i3HTvCbXQZgB6uggvEcxI9uae0nmrgtXJ17U=", + "lastModified": 1714885415, + "narHash": "sha256-LG+2IVqVi1fy724rSDAkgqae+f47fGGko4cJhtkN8PE=", "owner": "nixos", "repo": "nixos-hardware", - "rev": "9a763a7acc4cfbb8603bb0231fec3eda864f81c0", + "rev": "753176b57b3fcddb140c1c012868e62c025120bd", "type": "github" }, "original": { @@ -318,11 +396,11 @@ ] }, "locked": { - "lastModified": 1708547820, - "narHash": "sha256-xU/KC1PWqq5zL9dQ9wYhcdgxAwdeF/dJCLPH3PNZEBg=", + "lastModified": 1713898448, + "narHash": "sha256-6q6ojsp/Z9P2goqnxyfCSzFOD92T3Uobmj8oVAicUOs=", "owner": "hercules-ci", "repo": "hercules-ci-effects", - "rev": "0ca27bd58e4d5be3135a4bef66b582e57abe8f4a", + "rev": "c0302ec12d569532a6b6bd218f698bc402e93adc", "type": "github" }, "original": { @@ -354,6 +432,29 @@ "type": "github" } }, + "hercules-ci-effects_3": { + "inputs": { + "flake-parts": "flake-parts_7", + "nixpkgs": [ + "small-nvim", + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "lastModified": 1713898448, + "narHash": "sha256-6q6ojsp/Z9P2goqnxyfCSzFOD92T3Uobmj8oVAicUOs=", + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "rev": "c0302ec12d569532a6b6bd218f698bc402e93adc", + "type": "github" + }, + "original": { + "owner": "hercules-ci", + "repo": "hercules-ci-effects", + "type": "github" + } + }, "home-manager": { "inputs": { "nixpkgs": [ @@ -382,11 +483,11 @@ ] }, "locked": { - "lastModified": 1711625603, - "narHash": "sha256-W+9dfqA9bqUIBV5u7jaIARAzMe3kTq/Hp2SpSVXKRQw=", + "lastModified": 1714900398, + "narHash": "sha256-H7XYHpjk1G6dkA3AnbYrKtaTFjcCE7ul6nUVlVQxtsA=", "owner": "nix-community", "repo": "home-manager", - "rev": "c0ef0dab55611c676ad7539bf4e41b3ec6fa87d2", + "rev": "fdaaf543bad047639ef0b356ea2e6caec2f1215c", "type": "github" }, "original": { @@ -404,11 +505,11 @@ "utils": "utils" }, "locked": { - "lastModified": 1712851231, - "narHash": "sha256-GbxbN7wu5G/aT2EuCw9ESmOTWCWMJhHZrRRqtrq557k=", + "lastModified": 1713715709, + "narHash": "sha256-Dy8KJ6SKE/eScidwtAlBUcvCVBtADYHQcbhhQqdvs3w=", "owner": "xunuwu", "repo": "neovim-config", - "rev": "87356838578d112d69328fbc35566a5d3fe92c39", + "rev": "514c7e931949ab37196d84fcb153f874e048b129", "type": "github" }, "original": { @@ -442,6 +543,31 @@ "type": "github" } }, + "neovim-flake_2": { + "inputs": { + "flake-utils": "flake-utils_4", + "nixpkgs": [ + "small-nvim", + "neovim-nightly-overlay", + "nixpkgs" + ] + }, + "locked": { + "dir": "contrib", + "lastModified": 1714495065, + "narHash": "sha256-Cu9S+pCbATo1z4g3fI3lZ0nYNYe2IB7D5DD48NKESNA=", + "owner": "neovim", + "repo": "neovim", + "rev": "cb24a3907c8d24a898d99042f0f16c8919a2e7ab", + "type": "github" + }, + "original": { + "dir": "contrib", + "owner": "neovim", + "repo": "neovim", + "type": "github" + } + }, "neovim-nightly-overlay": { "inputs": { "flake-compat": "flake-compat", @@ -464,6 +590,28 @@ "type": "github" } }, + "neovim-nightly-overlay_2": { + "inputs": { + "flake-compat": "flake-compat_3", + "flake-parts": "flake-parts_6", + "hercules-ci-effects": "hercules-ci-effects_3", + "neovim-flake": "neovim-flake_2", + "nixpkgs": "nixpkgs_4" + }, + "locked": { + "lastModified": 1714521880, + "narHash": "sha256-qTlLUrvsSZIFD/dRNV+ogFfuQL5eU97AP4dXgVCzMek=", + "owner": "nix-community", + "repo": "neovim-nightly-overlay", + "rev": "bb3bf108cacfd4a21dc0f10f2bcb8937d4ce4d15", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "neovim-nightly-overlay", + "type": "github" + } + }, "nix-index-database": { "inputs": { "nixpkgs": [ @@ -471,11 +619,11 @@ ] }, "locked": { - "lastModified": 1711249705, - "narHash": "sha256-h/NQECj6mIzF4XR6AQoSpkCnwqAM+ol4+qOdYi2ykmQ=", + "lastModified": 1714878592, + "narHash": "sha256-E68C03sYRsYFsK7wiGHUIJm8IsyPRALOrFoTL0glXnI=", "owner": "Mic92", "repo": "nix-index-database", - "rev": "34519f3bb678a5abbddf7b200ac5347263ee781b", + "rev": "a362555e9dbd4ecff3bb98969bbdb8f79fe87f10", "type": "github" }, "original": { @@ -491,11 +639,11 @@ "nixpkgs": "nixpkgs_2" }, "locked": { - "lastModified": 1711761168, - "narHash": "sha256-w7GgKhBcrg1B72Ymb24rDeAoHsNwZdF8OghR4VxGYHk=", + "lastModified": 1714872267, + "narHash": "sha256-G04hUZnX7rrJ5a9A2OqrKZ1x25svs2xpGDrP2ExExUg=", "owner": "nix-community", "repo": "nix-vscode-extensions", - "rev": "5fae7231f16bd5467660c50e7d6a3732559443a0", + "rev": "7d48b70548c01495e9d434db3a89f61600ca4aca", "type": "github" }, "original": { @@ -522,29 +670,23 @@ }, "nixpkgs-lib": { "locked": { - "dir": "lib", - "lastModified": 1709237383, - "narHash": "sha256-cy6ArO4k5qTx+l5o+0mL9f5fa86tYUX3ozE1S+Txlds=", - "owner": "NixOS", - "repo": "nixpkgs", - "rev": "1536926ef5621b09bba54035ae2bb6d806d72ac8", - "type": "github" + "lastModified": 1714640452, + "narHash": "sha256-QBx10+k6JWz6u7VsohfSw8g8hjdBZEf8CFzXH1/1Z94=", + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz" }, "original": { - "dir": "lib", - "owner": "NixOS", - "ref": "nixos-unstable", - "repo": "nixpkgs", - "type": "github" + "type": "tarball", + "url": "https://github.com/NixOS/nixpkgs/archive/50eb7ecf4cd0a5756d7275c8ba36790e5bd53e33.tar.gz" } }, "nixpkgs-stable": { "locked": { - "lastModified": 1711233294, - "narHash": "sha256-eEu5y4J145BYDw9o/YEmeJyqh8blgnZwuz9k234zuWc=", + "lastModified": 1714858427, + "narHash": "sha256-tCxeDP4C1pWe2rYY3IIhdA40Ujz32Ufd4tcrHPSKx2M=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "ac6bdf6181666ebb4f90dd20f31e2fa66ede6b68", + "rev": "b980b91038fc4b09067ef97bbe5ad07eecca1e76", "type": "github" }, "original": { @@ -556,27 +698,27 @@ }, "nixpkgs_2": { "locked": { - "lastModified": 1684570954, - "narHash": "sha256-FX5y4Sm87RWwfu9PI71XFvuRpZLowh00FQpIJ1WfXqE=", + "lastModified": 1713805509, + "narHash": "sha256-YgSEan4CcrjivCNO5ZNzhg7/8ViLkZ4CB/GrGBVSudo=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "3005f20ce0aaa58169cdee57c8aa12e5f1b6e1b3", + "rev": "1e1dc66fe68972a76679644a5577828b6a7e8be4", "type": "github" }, "original": { "owner": "NixOS", - "ref": "nixos-unstable", + "ref": "nixpkgs-unstable", "repo": "nixpkgs", "type": "github" } }, "nixpkgs_3": { "locked": { - "lastModified": 1711703276, - "narHash": "sha256-iMUFArF0WCatKK6RzfUJknjem0H9m4KgorO/p3Dopkk=", + "lastModified": 1714763106, + "narHash": "sha256-DrDHo74uTycfpAF+/qxZAMlP/Cpe04BVioJb6fdI0YY=", "owner": "nixos", "repo": "nixpkgs", - "rev": "d8fe5e6c92d0d190646fb9f1056741a229980089", + "rev": "e9be42459999a253a9f92559b1f5b72e1b44c13d", "type": "github" }, "original": { @@ -588,11 +730,11 @@ }, "nixpkgs_4": { "locked": { - "lastModified": 1711200738, - "narHash": "sha256-dkJmk/ET/tRV4007O6kU101UEg1svUwiyk/zEEX9Tdg=", + "lastModified": 1714314149, + "narHash": "sha256-yNAevSKF4krRWacmLUsLK7D7PlfuY3zF0lYnGYNi9vQ=", "owner": "NixOS", "repo": "nixpkgs", - "rev": "20bc93ca7b2158ebc99b8cef987a2173a81cde35", + "rev": "cf8cc1201be8bc71b7cbbbdaf349b22f4f99c7ae", "type": "github" }, "original": { @@ -602,6 +744,37 @@ "type": "github" } }, + "nixpkgs_5": { + "locked": { + "lastModified": 1714809261, + "narHash": "sha256-hfBmnYFyz9I1mdrC3tX1A+dF9cOUcds5PIMPxrT+cRk=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "d32560238207b8e26d88b265207b216ee46b8450", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nur": { + "locked": { + "lastModified": 1714905988, + "narHash": "sha256-mzrMNxQ/DXuwJEOeG+hn+o+SXBMTbJgGKSxcoHV11P4=", + "owner": "nix-community", + "repo": "NUR", + "rev": "57486a778b5614bbdfc96aad2b3585ef60f18c96", + "type": "github" + }, + "original": { + "owner": "nix-community", + "repo": "NUR", + "type": "github" + } + }, "root": { "inputs": { "agenix": "agenix", @@ -614,20 +787,44 @@ "nix-index-database": "nix-index-database", "nix-vscode-extensions": "nix-vscode-extensions", "nixpkgs": "nixpkgs_3", + "nur": "nur", + "small-nvim": "small-nvim", "sops-nix": "sops-nix" } }, + "small-nvim": { + "inputs": { + "neovim-nightly-overlay": "neovim-nightly-overlay_2", + "nixpkgs": [ + "nixpkgs" + ], + "utils": "utils_2" + }, + "locked": { + "lastModified": 1714800865, + "narHash": "sha256-jtHBKMXVECZKjVLSKeDhbdDiKp6jwjSexZZ6zQrFQqs=", + "owner": "xunuwu", + "repo": "small-nvim", + "rev": "44af854f5d740323f634bce3ee73841aa0492cff", + "type": "github" + }, + "original": { + "owner": "xunuwu", + "repo": "small-nvim", + "type": "github" + } + }, "sops-nix": { "inputs": { - "nixpkgs": "nixpkgs_4", + "nixpkgs": "nixpkgs_5", "nixpkgs-stable": "nixpkgs-stable" }, "locked": { - "lastModified": 1711249319, - "narHash": "sha256-N+Pp3/8H+rd7cO71VNV/ovV/Kwt+XNeUHNhsmyTabdM=", + "lastModified": 1714878026, + "narHash": "sha256-YJ1k/jyd6vKqmVgGkkAb4n+ZfPPAt8+L5a73eAThqFU=", "owner": "Mic92", "repo": "sops-nix", - "rev": "405987a66cce9a4a82f321f11b205982a7127c88", + "rev": "10dc39496d5b027912038bde8d68c836576ad0bc", "type": "github" }, "original": { @@ -696,6 +893,36 @@ "type": "github" } }, + "systems_5": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, + "systems_6": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } + }, "utils": { "inputs": { "systems": "systems_3" @@ -713,6 +940,24 @@ "repo": "flake-utils", "type": "github" } + }, + "utils_2": { + "inputs": { + "systems": "systems_6" + }, + "locked": { + "lastModified": 1710146030, + "narHash": "sha256-SZ5L6eA7HJ/nmkzGG7/ISclqe6oZdOZTNoesiInkXPQ=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "b1d9ab70662946ef0850d488da1c9019f3a9752a", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index dd983aa..9c07714 100644 --- a/flake.nix +++ b/flake.nix @@ -9,7 +9,7 @@ ]; flake = { }; - perSystem = {pkgs, ...}: rec { + perSystem = {pkgs, ...}: { devShells.default = pkgs.mkShell { packages = with pkgs; [ alejandra @@ -46,6 +46,11 @@ inputs.nixpkgs.follows = "nixpkgs"; }; + small-nvim = { + url = "github:xunuwu/small-nvim"; + inputs.nixpkgs.follows = "nixpkgs"; + }; + firefox-addons = { url = "gitlab:rycee/nur-expressions?dir=pkgs/firefox-addons"; inputs.nixpkgs.follows = "nixpkgs"; @@ -72,6 +77,6 @@ inputs.nixpkgs.follows = "nixpkgs"; }; - #nur.url = "github:nix-community/NUR"; + nur.url = "github:nix-community/NUR"; }; } diff --git a/home/editors/nvim.nix b/home/editors/nvim.nix index 7e9d892..574bf9a 100644 --- a/home/editors/nvim.nix +++ b/home/editors/nvim.nix @@ -1,10 +1,12 @@ { pkgs, inputs, + lib, ... }: { home.packages = [ - inputs.neovim-config.packages.${pkgs.system}.neovim + #inputs.neovim-config.packages.${pkgs.system}.neovim + inputs.small-nvim.packages.${pkgs.system}.neovim ]; home.sessionVariables = { diff --git a/home/profiles/nixdesk/default.nix b/home/profiles/nixdesk/default.nix index c528e60..1f45a38 100644 --- a/home/profiles/nixdesk/default.nix +++ b/home/profiles/nixdesk/default.nix @@ -1,12 +1,14 @@ {...}: { imports = [ ./kanshi.nix + ./defaults.nix ../../terminal ../../terminal/programs/zellij.nix ../../editors/nvim.nix ../../editors/emacs.nix ../../editors/vscode.nix ../../programs/browsers/firefox.nix + ../../programs/browsers/chromium.nix ../../terminal/emulator/wezterm.nix ../../terminal/emulator/foot.nix @@ -22,10 +24,11 @@ # programs ../../programs/misc/keepassxc.nix ../../programs/misc/discord.nix + ../../programs/misc/foliate.nix ../../programs/misc/obsidian.nix ../../programs/misc/thunderbird.nix - ../../programs/music - ../../programs/music/yams.nix + #../../programs/music + #../../programs/music/yams.nix ../../programs/music/spotify.nix ../../programs/media ../../programs/media/jellyfin.nix diff --git a/home/profiles/nixdesk/defaults.nix b/home/profiles/nixdesk/defaults.nix new file mode 100644 index 0000000..5f1c7de --- /dev/null +++ b/home/profiles/nixdesk/defaults.nix @@ -0,0 +1,18 @@ +{ + pkgs, + lib, + ... +}: { + xdg.mimeApps = { + enable = true; + defaultApplications = { + "text/html" = "firefox.desktop"; + "x-scheme-handler/http" = "firefox.desktop"; + "x-scheme-handler/https" = "firefox.desktop"; + "x-scheme-handler/about" = "firefox.desktop"; + "x-scheme-handler/unknown" = "firefox.desktop"; + }; + }; + + home.sessionVariables.DEFAULT_BROWSER = lib.getExe pkgs.firefox; +} diff --git a/home/profiles/nixdesk/kanshi.nix b/home/profiles/nixdesk/kanshi.nix index eac0d0a..1a857e8 100644 --- a/home/profiles/nixdesk/kanshi.nix +++ b/home/profiles/nixdesk/kanshi.nix @@ -5,12 +5,10 @@ profiles."default" = { outputs = [ { - # criteria = "AOC 27G2G3"; criteria = "DP-3"; mode = "1920x1080@165Hz"; } { - # criteria = "AOC 24B1W"; criteria = "HDMI-A-1"; position = "1920,0"; } diff --git a/home/programs/browsers/chromium.nix b/home/programs/browsers/chromium.nix new file mode 100644 index 0000000..4104d51 --- /dev/null +++ b/home/programs/browsers/chromium.nix @@ -0,0 +1,9 @@ +{pkgs, ...}: { + programs.chromium = { + enable = true; + package = pkgs.ungoogled-chromium; + extensions = [ + {id = "cjpalhdlnbpafiamejdnhcphjbkeiagm";} # ublock origin + ]; + }; +} diff --git a/home/programs/desktop/hyprland/default.nix b/home/programs/desktop/hyprland/default.nix index 7fe02ed..ee240dd 100644 --- a/home/programs/desktop/hyprland/default.nix +++ b/home/programs/desktop/hyprland/default.nix @@ -171,7 +171,6 @@ "format-window-separator" = ","; "window-rewrite-default" = "@"; "window-rewrite" = { - "title<.*youtube.*>" = "y"; "title<.*discord.*>" = "d"; "class" = "m"; "class" = "f"; @@ -244,7 +243,7 @@ }; workspace = [ - "3,monitor:DP-3" + "1,monitor:DP-3" "2,monitor:DP-3" "3,monitor:DP-3" "4,monitor:DP-3" @@ -345,11 +344,10 @@ "maxsize 1 1,class:^(xwaylandvideobridge)$" "noblur,class:^(xwaylandvideobridge)$" - #"stayfocused,title:^(XtMapper)$" "noanim,title:^(XtMapper)$" "noblur,title:^(XtMapper)$" "float,title:^(XtMapper)$" - "move 0% 0%,title:^(XtMapper)$" + "move 0 0,title:^(XtMapper)$" "size 100%,title:^(XtMapper)$" ]; }; diff --git a/home/programs/misc/discord.nix b/home/programs/misc/discord.nix index 70b1b31..76817fa 100644 --- a/home/programs/misc/discord.nix +++ b/home/programs/misc/discord.nix @@ -1,6 +1,17 @@ {pkgs, ...}: { home.packages = with pkgs; [ - vesktop + # TODO: remove this once the vesktop screenshare update gets released + (vesktop.overrideAttrs (final: prev: { + version = "ab9e8579eea046187c5cdb51e2041a0beb6e8601"; + src = pkgs.fetchgit { + url = "https://github.com/Vencord/Vesktop.git"; + rev = "ab9e8579eea046187c5cdb51e2041a0beb6e8601"; + hash = "sha256-s3ndHHN8mqbzL40hMDXXDl+VV9pOk4XfnaVCaQvFFsg="; + }; + pnpmDeps = prev.pnpmDeps.overrideAttrs { + outputHash = "sha256-6ezEBeYmK5va3gCh00YnJzZ77V/Ql7A3l/+csohkz68="; + }; + })) (discord.override { withVencord = true; withOpenASAR = true; diff --git a/home/programs/misc/foliate.nix b/home/programs/misc/foliate.nix new file mode 100644 index 0000000..985b8c6 --- /dev/null +++ b/home/programs/misc/foliate.nix @@ -0,0 +1,5 @@ +{pkgs, ...}: { + home.packages = with pkgs; [ + foliate + ]; +} diff --git a/home/terminal/programs/xdg.nix b/home/terminal/programs/xdg.nix index cfc34a9..f6061d2 100644 --- a/home/terminal/programs/xdg.nix +++ b/home/terminal/programs/xdg.nix @@ -11,7 +11,6 @@ in { userDirs = { enable = true; - createDirectories = true; desktop = home + "/desktop"; documents = home + "/docs"; download = home + "/down"; diff --git a/home/terminal/shell/zsh.nix b/home/terminal/shell/zsh.nix index 775b2fd..1c2c1c5 100644 --- a/home/terminal/shell/zsh.nix +++ b/home/terminal/shell/zsh.nix @@ -30,6 +30,9 @@ ## MISC ## + setopt extendedglob + + # Show completion categories zstyle ':completion:*:*:*:*:descriptions' format '%F{magenta}<-%d->%f' diff --git a/hosts/default.nix b/hosts/default.nix index 6bbc390..5102be8 100644 --- a/hosts/default.nix +++ b/hosts/default.nix @@ -2,6 +2,7 @@ self, inputs, homeImports, + lib, ... }: let specialArgs = { @@ -18,6 +19,16 @@ in { config.allowUnfree = true; }; + nodeNixpkgs = { + nixdesk = import inputs.nixpkgs { + system = "x86_64-linux"; + config = { + allowUnfree = true; + rocmSupport = true; + }; + }; + }; + inherit specialArgs; }; nixdesk = { @@ -37,7 +48,7 @@ in { "${mod}/services/virt/podman.nix" "${mod}/services/virt/waydroid.nix" "${mod}/services/virt/distrobox.nix" - "${mod}/services/ollama.nix" + #"${mod}/services/ollama.nix" "${mod}/desktop/x11/nosleep.nix" "${mod}/programs/gamemode.nix" @@ -84,10 +95,6 @@ in { #"${mod}/services/containers/server" "${mod}/services/containers/experimental" - #"${mod}/services/networkd-wireguard.nix" - #"${mod}/services/wireguard.nix" - #"${mod}/services/transmission.nix" - { home-manager = { users.xun.imports = homeImports."xun@hopper"; diff --git a/hosts/hopper/brawlstats.nix b/hosts/hopper/brawlstats.nix new file mode 100644 index 0000000..e8f19a4 --- /dev/null +++ b/hosts/hopper/brawlstats.nix @@ -0,0 +1,156 @@ +{ + pkgs, + lib, + config, + ... +}: { + networking.firewall.allowedTCPPorts = [4444]; + + systemd.sockets."brawlstats-web" = { + wantedBy = ["sockets.target"]; + + socketConfig = { + ListenStream = "4444"; + TriggerLimitIntervalSec = 0; + Accept = "yes"; + }; + }; + + systemd.services."brawlstats-web@" = { + serviceConfig = { + StandardInput = "socket"; + ExecStart = "${pkgs.writeShellScript "brawlstats-web.sh" '' + parameters=$(head -n1 | ${lib.getExe pkgs.gawk} '{print $2}' | ${lib.getExe pkgs.gnused} 's/%20/ /g') + response="" + + tosvg() { + ${lib.getExe pkgs.gnuplot} -c ${pkgs.writeText "gnuplotcmds" '' + set xdata time + set timefmt '%Y%m%dT%H%M%S.000Z' + set format x '%H:%M' + set xlabel 'Time' + set ylabel 'Trophies' + set term svg + plot "/dev/stdin" using 1:2 with linespoints title 'Data' + ''} # 2>/dev/null + } + + case ''${parameters:1} in + total*) + id=$(echo $parameters | ${lib.getExe pkgs.gawk} '{print $2}') + trophies=$(cat "/var/lib/brawlstats/$id-player.json" | ${lib.getExe pkgs.jq} '.trophies') + response=$(${lib.getExe pkgs.jq} -r \ + "sort_by(.battleTime) + | reverse | .[] + | .battleTime, .battle.trophyChange" "/var/lib/brawlstats/$id-log.json" \ + | paste - - \ + | ${lib.getExe pkgs.gawk} -v total=$trophies '{total -= $2; $2 = total}2' \ + | tosvg) + ;; + brawler*) + id=$(echo $parameters | ${lib.getExe pkgs.gawk} '{print $2}') + brawler=$(echo $parameters | ${lib.getExe pkgs.gawk} '{print $3}') + response=$(${lib.getExe pkgs.jq} -r \ + "sort_by(.battleTime) + | reverse + | map (select (.. | .tag? == \"#$id\" and .brawler.name == \"$brawler\")).[] + | .battleTime, + (.battle | (.teams[]?,.players) | select(.)[] | select(.tag == \"#$id\") | .brawler.trophies) + .battle.trophyChange" "/var/lib/brawlstats/$id-log.json" \ + | paste - - \ + | tosvg) + #reponse=$(${lib.getExe pkgs.jq} -r \ + # "sort_by(.battleTime) + # | reverse + # | map (select (.. | .tag? == \"#$id\" and .brawler.name == \"$brawler\")).[] + # | .battleTime, + # (.battle | (.teams[]?,.players) | select(.)[] | select(.tag == \"#$id\") | .brawler.trophies) + .battle.trophyChange" \ + # "/var/lib/brawlstats/$id-log.json" \ + # | paste - - \ + # | tosvg) + #echo $response + ;; + *) + response="parameters: $parameters | firstparam: $(echo "$parameters" | ${lib.getExe pkgs.gawk} '{print $1}')" + ;; + esac + + #file="/var/lib/brawlstats/output.svg" + echo -e "HTTP/1.1 200 OK\r\nContent-Length: $(echo "$response" | wc -c)\r\nContent-Type: text/html\r\n\r\n$response" + #echo $endpoint + #cat "$file" + #while read -r LINE + #do + # echo "$LINE" + # [ -z "$LINE" ] && break + #done + + ''}"; + }; + }; + + systemd.timers."brawlstats" = { + wantedBy = ["timers.target"]; + timerConfig = { + OnCalendar = "*:0/30"; + Unit = "brawlstats.service"; + }; + }; + + systemd.services."brawlstats" = { + serviceConfig = { + Type = "oneshot"; + + User = "root"; + + StateDirectory = "brawlstats"; + + PrivateTmp = true; + + LoadCredential = "apitoken:${config.sops.secrets.brawlstars-api-key.path}"; + Environment = "TOKEN=%d/apitoken"; + + ExecStart = "${pkgs.writeShellScript "brawlstats.sh" '' + TOKEN=$(cat $TOKEN) + + cd "$STATE_DIRECTORY" + + ids=("VLJY22GY" "VLJV2CYL") + + for id in ''${ids[@]}; do + echo "id: $id" + + sleep 1 + battlelogout=$(mktemp) + ${lib.getExe pkgs.curl} -H "Authorization: Bearer $TOKEN" "https://api.brawlstars.com/v1/players/%23$id/battlelog" | ${lib.getExe pkgs.jq} '[.items[]]' > "$battlelogout" + sleep 1 + ${lib.getExe pkgs.curl} -H "Authorization: Bearer $TOKEN" "https://api.brawlstars.com/v1/players/%23$id" > "$id-player.json" + + + if [ ! -s "$battlelogout" ]; then + echo "battlelogout is empty" + rm "$battlelogout" + continue + fi + + if [ ! -s "$id-player.json" ]; then + echo "$id-player.json is empty" + continue + fi + + tmplog=$(mktemp) + cat "$battlelogout" "$id-log.json" | ${lib.getExe pkgs.jq} -s 'add | unique' > "$tmplog" + cat "$tmplog" > "$id-log.json" + + rm -f "$tmplog" + rm -f "$battlelogout" + + # create backup + cp "$id-log.json" "$id-log-$(date +'%s').json" + + # remove old backups + find . -type f -name "$id-log-*.json" | sort | head -n -5 | xargs -r rm + done + ''}"; + }; + }; +} diff --git a/hosts/hopper/default.nix b/hosts/hopper/default.nix index 9fc0939..3a9ad56 100644 --- a/hosts/hopper/default.nix +++ b/hosts/hopper/default.nix @@ -4,6 +4,7 @@ common-pc-hdd ./hardware.nix + ./brawlstats.nix ]; networking.hostName = "hopper"; diff --git a/hosts/liveiso/sway.nix b/hosts/liveiso/sway.nix index fd8feb2..97fbb9b 100644 --- a/hosts/liveiso/sway.nix +++ b/hosts/liveiso/sway.nix @@ -7,14 +7,11 @@ enable = true; }; - services.xserver = { - enable = true; - displayManager = { - sddm.enable = true; - autoLogin = { - enable = true; - user = "nixos"; - }; + services.displayManager = { + sddm.enable = true; + autoLogin = { + enable = true; + user = "nixos"; }; }; } diff --git a/hosts/nixdesk/default.nix b/hosts/nixdesk/default.nix index 5a43f6d..f8efab9 100644 --- a/hosts/nixdesk/default.nix +++ b/hosts/nixdesk/default.nix @@ -1,13 +1,10 @@ { pkgs, inputs, + lib, ... }: { imports = [ - inputs.hardware.nixosModules.common-cpu-amd - inputs.hardware.nixosModules.common-gpu-amd - inputs.hardware.nixosModules.common-pc-ssd - ./hardware.nix ]; diff --git a/hosts/nixdesk/gigabyte-b550-fix.nix b/hosts/nixdesk/gigabyte-b550-fix.nix new file mode 100644 index 0000000..00836b2 --- /dev/null +++ b/hosts/nixdesk/gigabyte-b550-fix.nix @@ -0,0 +1,37 @@ +{ + pkgs, + lib, + ... +}: { + # From https://github.com/NixOS/nixos-hardware/blob/master/gigabyte/b550/b550-fix-suspend.nix using until + # it has been merged into the flake. + systemd.services.bugfixSuspend-GPP0 = { + enable = lib.mkDefault true; + description = "Fix crash on wakeup from suspend/hibernate (b550 bugfix)"; + unitConfig = { + Type = "oneshot"; + }; + serviceConfig = { + User = "root"; # root may not be necessary + # check for gppN, disable if enabled + # lifted from https://www.reddit.com/r/gigabyte/comments/p5ewjn/comment/ksbm0mb/ /u/Demotay + ExecStart = "-${pkgs.bash}/bin/bash -c 'if grep 'GPP0' /proc/acpi/wakeup | grep -q 'enabled'; then echo 'GPP0' > /proc/acpi/wakeup; fi'"; + RemainAfterExit = "yes"; # required to not toggle when `nixos-rebuild switch` is ran + }; + wantedBy = ["multi-user.target"]; + }; + + systemd.services.bugfixSuspend-GPP8 = { + enable = lib.mkDefault true; + description = "Fix crash on wakeup from suspend/hibernate (b550 bugfix)"; + unitConfig = { + Type = "oneshot"; + }; + serviceConfig = { + User = "root"; + ExecStart = "-${pkgs.bash}/bin/bash -c 'if grep 'GPP8' /proc/acpi/wakeup | grep -q 'enabled'; then echo 'GPP8' > /proc/acpi/wakeup; fi'"; + RemainAfterExit = "yes"; + }; + wantedBy = ["multi-user.target"]; + }; +} diff --git a/hosts/nixdesk/hardware.nix b/hosts/nixdesk/hardware.nix index fbd1de2..321ada9 100644 --- a/hosts/nixdesk/hardware.nix +++ b/hosts/nixdesk/hardware.nix @@ -1,4 +1,10 @@ -{...}: { +{inputs, ...}: { + imports = [ + inputs.hardware.nixosModules.common-cpu-amd + inputs.hardware.nixosModules.common-gpu-amd + inputs.hardware.nixosModules.common-pc-ssd + ./gigabyte-b550-fix.nix + ]; boot = { initrd = { availableKernelModules = [ diff --git a/hosts/nixdesk/jellyfin.nix b/hosts/nixdesk/jellyfin.nix new file mode 100644 index 0000000..c75c16f --- /dev/null +++ b/hosts/nixdesk/jellyfin.nix @@ -0,0 +1,94 @@ +{config, ...}: { + security.acme = { + acceptTerms = true; + defaults = { + email = "xunuwu@gmail.com"; + reloadServices = ["podman-caddy.service"]; + }; + certs = { + "xun.cam" = { + dnsProvider = "cloudflare"; + credentialFiles = { + CF_DNS_API_TOKEN_FILE = config.sops.secrets.cloudflare.path; + }; + extraDomainNames = ["jellyfin.desktop.xun.cam"]; + }; + }; + }; + + virtualisation.podman = { + enable = true; + autoPrune.enable = true; + dockerSocket.enable = true; + }; + + systemd.tmpfiles.rules = [ + "d /media/config/caddy/data 0750 root root -" + "d /media/config/caddy/config 0750 root root -" + "d /media/config/jellyfin/config 0750 root root -" + "d /media/config/jellyfin/cache 0750 root root -" + "d /media/library 0750 root root -" + ]; + + virtualisation.oci-containers = { + backend = "podman"; + + containers = { + gluetun = { + image = "qmcgaw/gluetun:v3"; + volumes = [ + "${config.sops.secrets.wireguard.path}:/gluetun/wireguard/wg0.conf" + ]; + ports = [ + ## This bypasses the firewall + ## use 127.0.0.1:XXXX:XXXX if you only want it to be accessible locally + "8096:8096" # jellyfin local network + "60926:60926" # jellyfin + ]; + + environment = { + VPN_SERVICE_PROVIDER = "airvpn"; + VPN_TYPE = "wireguard"; + SERVER_COUNTRIES = "Netherlands"; + FIREWALL_VPN_INPUT_PORTS = "60926"; + }; + + extraOptions = [ + "--cap-add=NET_ADMIN" + "--device=/dev/net/tun:/dev/net/tun" + ]; + }; + jellyfin = { + image = "jellyfin/jellyfin"; + volumes = [ + "/media/config/jellyfin/config:/config" + "/media/config/jellyfin/cache:/cache" + "/media/library:/library" + ]; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + "--device=/dev/dri:/dev/dri" + ]; + }; + caddy = { + image = "caddy"; + volumes = [ + "${builtins.toFile "Caddyfile" '' + https://jellyfin.desktop.xun.cam:60926 { + tls /etc/ssl/certs/xun.cam/cert.pem /etc/ssl/certs/xun.cam/key.pem + reverse_proxy localhost:8096 + } + ''}:/etc/caddy/Caddyfile" + "/var/lib/acme/xun.cam:/etc/ssl/certs/xun.cam" + "/media/config/caddy/data:/data" + "/media/config/caddy/config:/config" + ]; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + }; + }; +} diff --git a/secrets/hopper/authelia.yaml b/secrets/hopper/authelia.yaml new file mode 100644 index 0000000..652cd0e --- /dev/null +++ b/secrets/hopper/authelia.yaml @@ -0,0 +1,33 @@ +jwt_secret: ENC[AES256_GCM,data:O0LXijtmUCoBKiQgptto6/dhcCRgP9EAXPhnmb0Dw4Gk/8irELo413FPlnc9EPyFvQTelNgJWZEUsgPUxN5uVjVTr/819hyNX37+sTr0COD9VXUprvkYOGHQ/7UmjK5UZPcgIzEPWwmU4xmsbh4dIgrKT55JCniBVQevvwGYq28=,iv:Fx5oSFiiZt6jKnApvahK92n/lATcJ7IBH7e5TdQCMRY=,tag:kaaV+2WLH22eZXx9WyHrTA==,type:str] +session_secret: ENC[AES256_GCM,data:lFkt5MasAri5ddS2JU9sNLTgHSSAelmvshX7jk5LEhWLcfTryoCdMHSiaqJpAY5NC0DgLPslyAyLtUgrAxTZqL/qHmSw4Q9XfxoWGk1IM4NERb0myOOTgmhcT4ImUEIROZHXNpgEUQ9c1stasix5uu5c1swUieZrDI7j79Xn5DWufzHc+SxaQwIggsLGpOazJO/UmBdGiX/uju2D/arp1okMClk8DcLWZtLdEs4V1Cqz5Yv21aeK/47DKy4rClqDB+8NNXk5ayA5wXa0DrvW7H+a+/ra6TRMcevMZBsjbvbRc2P654mpDt5XB3DMyoucYOHzUasymlYUMmUUtYFRhNaLWfgifAQJG8N+z1COe/DjWzhUOKfKNZQM7S0h61nh5RwLGh+PHMae0G7fLNTcNS7r8BxiIIF4wXJRmtxfnNY4GrQAtfatrHi6lbnrBzA7SsjaheK27/DVXZdUhkc6xxeIA3n+G9e4FSDC8aP6gKHPO8nDBzIEw21E0UtuNO7QYqw3NFwNX30ys+dw89S6RyZzJd9CHodYzmGHB9jlXJnu9aOsqmEUOuWD8Wwez9ogUQY5Uls/MbyXzX5dIEHeofPxzzQYepvMRmlNNyrWjQYmFqw8TblM1S8/dnI0FzmescPIKSdA/H5oEo8X9InpHbuEd2hOR0mQdDXoKFBw+ig=,iv:5yM3rohayzhGN1k8Njm/r8lggfaQDIeLNoVC3Vkc95s=,tag:JOH6xBEPFCYMHLSCNgFW9g==,type:str] +encryption_key: ENC[AES256_GCM,data:VBPBoNaL5l3/MWNW/97m0RXX7dANgHEgoIU4+S3Z7gMtZjFqscfN612CkWM5t4h6Ojej/J8WuslnoDgEK14Efr3byvnVOayFHUxb8U8Y1sGQ7DqW28v+3QXttd2agrVATGoiErVUVH5lUqmtIRzugQuWi707fq8A9D3OU/L26+O+/sBJjfvj+es9Vyq120ri1njtZvQzVDUoKjyTQOiPCOsyEX2C6rws1BT9UQr7EY73e5xEpiBczwq+A9eRVH77/Hqr8t0otbcxPn9rubUFPy9bOxTnqG/eXmm2vtPQXGRdQ3fUzvQgBSxjxkssoWK/MRaXaL6Xs37mfiUc/7KX3Ua49G53jC18HfFmfklnP9xmtORFk/zWTj4+eB3QKt9/mtg6E8iZUlI16S/PYyuB6d37Oy0iuAHatwDqJBSZdnPl/ZXW8NuaZCKGLFMojqBXPxOTxZ/88KJcEI2MEuueBsS62L9Gb7g0jSjsNfTEmA5lCGHQ4rbeG/SahrbAzPKMWTTIgV5va9XY1e1amweTGSjed5nk+XB9ih6Z0MZ+da4RghjnHexOBqEewhDICUHd4Xyfyl3SqJKpBtGOCBW5tfkjy2kIWVL5KB4cB1FhHq9fvATDcG4qCV5ptZPgnGbqsme970UHO7CNTAso1ju8Nk9GT/46y/4oPCxU6DS9gy2oN0hxbut4mpJ+RyGEthtpQ+caSPsjsTx5yx33LUCqw19H1mRqzZo23tSzAcGvLZiHt3c3/S1QRNGOIqJmTz2Q41JOVBjqPF4W/ZgfZgax+vASRDMre7S6TlSMfUGU1i99vzFkELmfDiXVTpbj+Jq0/kIxdaf6RkfvvqA20CfNysSsD7RoLqy7CyTilwjJVHliGqR7T8RG4aJJVZdBBPsXkkPa5281pUO0lX/v48gw/UOqcswcSf0uV9MRidR/Rmb/u6PBNuIRjjUl0U94ZtiO8925gSLFGwFhrrz3NsjkCOzUIyDObh6EImNbzsjWBmiCTetr2huYhK4JkW/BarC75zfhsEFiU9Sv0PKcymgGZ4gm0aFcIyWyyim3YxGI80otIZLu1oGid7YX6ddzWZPrTq8bK9GmxsiNLtfPCahA5EDYKDXoIHcc+eWjzJijoTNaGCAElNK2/kY3cO9zpviib36eYO1C6X5VYrMivTTdvsm935PNmESG1CYaDiAekpvZTDBsCJYm7RCBAPoAfR8IOeZdZah73QAplpQlTo+lxbb/M/SuPO2JMWFpn5aWSgHKj0X0mqtQ8q78KJ7cUtYJV1BkWLnAEmeudq4NqB02PkortEkJb9Jjgj7+iZNbuJxvrdhEixsOAwOw9UbFOIO3q7mV9D39r+PhQ1JNqP7HJA==,iv:fArn1NcxTjBUrWfYYGoeWh7P8rdDhK9zHdrtRrvVxzA=,tag:sGsAX8qOWK4qBIZh8LZj8w==,type:str] +storage_password: ENC[AES256_GCM,data:XH5szvA2s6WpBWauGjJCB0KHGti947/3Y/xGOCAvpc52JEaIrGP9/29ETw2omVVxvhlrg15vsca760Spa2VkpyO4pZOC1vUEmK00uAsNSwDzE5Xt9QGa3res1MthD5lKxRk+2IZBpMnoZYkX3Q11kvSpbyYwOpdFpK5ZU3M962yGs9JKGuDTofzT41Pz08fVXgVs2gGiYTjY+1k4OUzHPqBDRd4fRvlMxepKUJ5hIJlLFq5ncIyXYeDCbv+TDoX/Nw/SBl5cysQxjEnFSKF0ZegKt8u1TTjYL5Ag5378up9xwYtaBGHde1H3Mwq37cLUXOessPo0ftTuhZfa/Vz6mLace/QZoNCz/fnQSO56bIps0+RLqakrctajditJWX6yq3Y3tA1x7FqI+r83jriv334UToDE/LupUlTLax24cy/w34KW1l6sNkjqUwT8UPf3CcYIVSqhmNBMa71EQJFelXGQJyLfCsepe5IlNqFfXiY8Ywe/ncnx0sPCTQG43gN5PcUwNV15/EzOIyg4xp0CtgRBK/dnlVlQ019DaD0s3jwczfcyzC5xLWoguNu3mtm32KwkayMno0Y7timH0E7AwaYW6uLdSo5p582O5zbUcMVlGYUXLa27Y6madAPGZEonhZ9IvrpFrNCG7VVcKiBxdC7OzSn3VWiOoZ+d52m6bAAeIiy1wp3En2PcOqO+b4soc7RTy+acFypupB9//N0xd8Yq+VdALHa4tQGvT5oc0OlAIdMcF7oU0nGiyQKE495Q5/MtcilYseaQq0c2vp82y9YndlinzOnj7JinerXXfAUdTREPH6FvNR3Y6cdPKqgM89esrDJJum7L6eFUq5ozoqwxvOGv1CKEA+LgD9pXuXAPSdqiwZeEBD5P4fuLik5heKHJwcmgIaja7Vd5ni3cSQsLnwU/m2aQ5WmJe+7REbykYmC6J2+EinSm7CWYpq3EqKFmFsSoTbEpjL6ghOtjB4cD0A0fK5RJhU5nbpFC/whSg+6SPGe7w7RZa3suQ41QLY9MgwNKPDGDqwPQP4SnbBVYiQnyCJHj8ZDyWN38LMahEzjJT9leo9yr9h3hjvYdouNN4BTCFajgoQ38eapd9HqeTWBYbg5TOC+JOI3/tG5HYWNI/kI9jWrgIu4belvrnsdPMo0O7FIHiEKQWg/b6v0kBkeG7h+OHgs/qzq7GSz0rOoNgEBqHa2eVTwtmnMZgC3fJ78/QdRCbW+I5YsmFEZIcT4JSXnjFlPjsoFnhpHS5DcdCsY7YnY6006SprYF43lPunRFbpfPPSr4Zpn/G009M5ZasiHNzPPsr7leiDBkugGPtBaEEy+Fnct4bfc1JD6F+FHtTp+iGE0pT5wZCQ==,iv:SiRzgXm4hUSW+o80AA60oAIJus2FSZvL/Ly0bktT5XI=,tag:NuD9XVd4TNFOIo0jdHeSyQ==,type:str] +sops: + kms: [] + gcp_kms: [] + azure_kv: [] + hc_vault: [] + age: + - recipient: age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8 + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSAwaW4xdnBaSlh3anBzWUli + K2UrOUhMT1EvRmhVdVk5L1RVczdmM1FKUTE4CkIxWVFmYW1FYTN1WkdtSElraUpn + OFcweXBpSWpsSEQxYkt3WU9vMlo5OVEKLS0tIEFVTVFVTjNXbnoxNW5WNXY1NlNC + bGkzYllBRW9EdnBEQzBQbUJSVVJsRDgKmpwBLgT732TnzsDYmDwajn1VCZ26LAKf + eC3nJLzkfXX81axUuxozpATatUZlf9NXcS0gX92N0uJ7/6d1t9HPhg== + -----END AGE ENCRYPTED FILE----- + - recipient: age15mgf89h220puhz48rjpwxwu4n2h4edur60w6cd8gku2hh4e5kqpsghvnyw + enc: | + -----BEGIN AGE ENCRYPTED FILE----- + YWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBhWEV6RDVoamYxZ28rUElw + dHVoQzYvYjdYNFZjTmRIY1pET2VzdHdsdVdNClZoUDFNQkg4UDhFS0paVUVGOUpS + bjNpazRzZVFJazM2NWFyazVla0dxeVkKLS0tIDU4T3pNOFE4VHBCdXpEUUZNUlNu + OTBTbDlXaHZnanJSbUlLUmRTaDc0eE0K0AEhDK731gOTp5AjocYgPEdXnr76m8PF + JoT4IWr2WYs5W/JgC8c4wIc4C9D4O8c+/mnE1RsG6EUXAz5ufMQcGw== + -----END AGE ENCRYPTED FILE----- + lastmodified: "2024-04-14T15:16:34Z" + mac: ENC[AES256_GCM,data:14fDEp1QyVtDsnbhm/DvFbvk52LAu1NVxUZGn/bhcfipG5PXAOKbtneec9ooe+M8wuWFUtq8nxE+y6341pyS4pKwLbsZ8tftDNm1k586B8QOp/8ctbiWG8zXgvuZn/LnhIDEnt52UaJOlGsY0vfdsC2JgxNx6z39xBIZjqHAjjA=,iv:OfPrtvS1kI3pAnGTX6D9xZod/yEMZM8BTZcB9KvLKcI=,tag:ApAySONamB1Ai7jjUU93Jw==,type:str] + pgp: [] + unencrypted_suffix: _unencrypted + version: 3.8.1 diff --git a/secrets/hopper/betanin b/secrets/hopper/betanin index 997e9c1..f32234e 100644 --- a/secrets/hopper/betanin +++ b/secrets/hopper/betanin @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:Bw/YPsl3ltVbommvO++qJbbsdWrsST26FMt0Hc3Osj99dhlfMa68k40MxdTBo8VwoRZQkWplxDNrzN9/KjTni95p/HwaSrbNWKk9tpRaYLabym/YL5dnR7jKxyf0pBowLHqBBgW11X40NkEojtJBfFCN5xrU6xpDQtVrN+R80PK1/D8gC/sf6wG8pD/lYbBzXdEDjGg3ZHRMSdLlSNC52qh2tfPyU8kg3fBDuAoO+U3cUkfJxbKGr2Dq7OXlZDcv0/oaHZ+MM6fKThwZpsimD7t6mSjRtoYTiB+6afF/LG2x7thTdbj8zdUtOSQxVcdq7J8m0bEzDHfveGKA4Nneaqa+D1VFxk0jkTQDtN/ow0K8/D0ubSRalAqFI90HWmDJyNi/XzPJiU1plLVgL4XPUObjWnkbjM5QsjcoXuTCMTVkI6RGFUc1jRJju5cNbEiuBDMzNn1q6Ob9BeeyAth+cMGHKlTXkC+Hk7cR46ky6hWCZHY7q7oekPq5Bcy2NLoDMIDF3N5slb31KktZG2rG7tUimPfKTL901dP4d9rKN8PhGjnoBVDrWEJcm89+QcCNsGOZmQJFzDFaUJzChIc2woHHEqZDz4dHrErcWg4mRiKAIjjP029J3tdB+i5MOOmMMJv48TvcVi2FKdjGQ8jiCby8TtVIs4RjBTkAEppQSxAT9ApZDhSSNEsDMxn+/88e/UunrtBYdeIUDR3ANtsXNi35y7ox21zBdVXp64FWO5pOvcTvNFNoH1zmzhMI8zxn2cVhSYqsBWwLjpCoWnlq2sFuvF7bK3UynyjQ+7pyyIxfGzhJ/8Gqo2qjQ/sq3Bdex/EZeVfg8YlG64paCCjJ3LT3/srnOENaJsbNwpOCrTXO0cWt/cCDLonvLmwuB4uS4Hg+DXOqC02Zupb2z0bL9SdU0GxehVvr/bHzOtU9vgghxdGWhsaYhq0/2ghS/2mJmWQNsJwFt7gaKXUt7ugNqn4fmCW/sDNwgoOFkENZgH3ZozvcTAMfXzfEX1XCiHjz5G5PEjODOzo4u9hizYSaaLfa543eaIHb+u8FZuhVyJFfG4IrF4zFXG+2qbpKDJBtueM4RmWcAyUIFaNOkQv1KM638YZtuBKnzgGVyZYME4Yit0IZQqiDOoE7IpZ7chd91sKoAVTSdMa+ESLYabp5UqT9/iJ8xrkj/F7NVZMct5EZWQaAowehrXKpGBZPNFqyepkHBtyTGkphc4NdonfjCSMZzu73+V98DOpUBQKkQMxc/SAeUrUhrUQ3GCf8+YVJmNWyCyRiliq0n+8mQa6DdjqcUiNwIbj4rUYwxsrpGLlA/zu+QvotquOeWiAEhbq539bjmTCGCcbTydQybHiuASpdu0wAbSwaLF0e/0Iq3RYOBsoiPmkSkLvcCzGkmDyaPVX+qCzXcxUh1OT7RD46ppcv/CpljaWIEPd62pse4MmNxk0qPELmymyZWZ8EbQQeXl8THFhgFavzE2i+PP5IAxqlyYQG4StyMd+Q7rsWRP1GVC5xew7GyU31Yi6lWcHplO06WX0yB7f9V+dx2sJ4E0e6xW0kn3dVuWhzBFxVpn3U1u7kkByL4RAeXuI/LWk1nWsF7gSVPk6saIdhq6WYY4flRu44C88eCd+ACwtFwYpW8sOhFMJ9w2fFqkGUxQv9TWbxVr3b+wSfkS4a9t1RXOCgDuOyqOmDN/7vOvP1W63OuHZtx5+VMz5mKcZwwDDKsH8+eHWsrur0Bt4fVXzznpCibfxl31htPrIpAeEKso3xi8AJi6Ag4A/Olne1XJElBkijSBwZz7arThaNuG/BmzZMXCCoJo+2rRywZWHf4GOIGbPsmEGYCA0DpwrR5zU3ABAWEnip9E1y7H3Q8JG0UI7EG9m8nGTCKHu8xd3DIVESvl9mNstBSXBid9cRPne5CQQe7RHrJDHYTA==,iv:rMxC9vqxNGhSDOhXE6hYAZA6uLSKwOfMy1RAdxJBrmg=,tag:cUYkuhq74+JPFPG4+VAlPw==,type:str]", + "data": "ENC[AES256_GCM,data:8B0KhfOHx9ob299Kf+1PqwAhP8ymQAgjkx3BK12THWNighp0QVMKar2XV7Wtwq7PsLwAn1suGBnmNtOazM21SixrHKErlm/3dQ+3EkbrBIZJBRrbOqfqRvTrHFOQiSSyKdfs4LFFQvT8jn0pQIQeSLthcXZ779A/0cxnlLCJoykyRaLvG8/UnOjUhM9ojmMKQMXRsOZc7WvtTqjRfr0KxYTrNUG4uYOXhhNbndimVi+tYFGekftneGfi86N08LQ+7wdgJpNnH4Sj0j1lwFjZxc0rk3JqyLasSW3uy6sr3rLZU0KZTZBwaFL2kkB59oZfkCYukZrgtUQyepgXk8XunRSBG7vpe2jTIKQsitGSs3JA9FyPZ39NqWnMXdmSM6+AcLNDLRNqtAHRi7O5opFkvDWMIVZ8/7LZZTHHa7W8sDRVtanvQCKrknkykMoRaUC/qbea1yeRm/fuCO+fsAHJjgW2QIVf/4sFgz4nRTvDFJlu5DThrcrQ5a1R3vtIGQXhnF2gTHZoZuxHdV0CWWueAR0NzZCdNgJjAozWTMLwJDpi5Mto6fqzHIj7IIMvcDcomBDc6Vw3phnjMTtOZheOHVffLWPx0xBI+dW64qy0y8wsUscOik2eHEQTK0/eeIKf38n4MNxgqqHjWjlg5yFpnnxmdj1aM/ybjscQUaJNZXgLOqJv+h2l0gkBUin9WBPHjeifICKU2BeAQHj4y6j44VaB5HR0FAXG3f0S0NNvvkdSX28XX1Ej6SYJj3HnIu4EJtVecq8jmjQcLZLLRkmHnBzJhUR7A0SUUvmSSwhD3A7hZrdC0GlwpMClNs2WwZSyAj1mmNkEoZgfcdrw+fMfSE9RGMcgxFBesVKIRp7SYDHvp8TFkkX+/603KqrzDxXd6veUaAUQFdeq3GkA1wBw2QtEDY3uCbRmUsGVJE8CPKLgMM+df3mih+S3JwlSj4b9g/u52FBpZkJ6LeNE9IAlWX2ynkdvxHq3+6/C30a9XB7/n5Tu/glW2H42xfe+ef0sDlU5f8MXpSPGnWYly3UjeUrpKgTSP4ghtvslZVy5TUbrPYXJ5DM3sLceLEAVN1KmeIky4OCIvVXWVT1zOuU17atoi3i5vGQw/az0kTqm7u1v5vcX7gncIKR5ruKQxubEopWhYKAtvDfl9Qjbv+3MmR8ykwbd/K9ETGhfVUA2VrjI010eVZbMB+BsbhR8OLFaubOGQ8bDgXqNZnesYm1WuATepGQRNLq0EFlEbhJiGHvlOzBhOXZR5uuVtRWRU+hQXcEH4QuBAp+hpjOsiwre9APy173n1QmznWKQNhcCNeJtH2jURq1Ec9nq8S7UTZFAXGUaof3X6XmL5fTTcn1N9cMvtuPae7SWdNQ9pnEZJ/i28BLO/xWXa74lZQb8WwnnCmTBlM4eALc4uUlx/z3kk0A6ctx6P0z/kLGS22Wb8vgfCpCxFF93/9EZ/UP9/9gxU0BzmLvO/76sqIjT/YDR/QXOYvVj26u0qpQ6tkkFKWXiL757AKjwpZYmCR71bXDY0RDeU0fi0zX8UXoq5XSZC1IVg7pdPxkzjjst0bJ0RS94U6H6wK8BHqoaWWQURNQjGY8h1TNqXncPMr6VklCZ7ua3tphYM0NWVVP4IW7l9pXIzwjWkmkTvTI7zNItWW3zD2DQe73APe6gKci8fwze2nXQT+Ce6Jh9GzEqRp7uwjKHMXPkeO6U4f66Fq8cRWu2JtduwwywXsJTWm64MygGSYjiD55ZN2zh0WsyPMhK1VtJr5VKiHkCH3zSKr9B/15O6Y5gxoHZJO/AGeOw8XhHzW8NzGeJcNLeQfBp3MiEVYC23wLdjLMc1g5RcSTcrlK41ZCfVger3W+aoF9FkvSe1h4vAK8jhcGMizME0oEM8sLRB0HCWOb27hVFT+GvnnkjnBQvQ+1ItvHQIpCSRK4MIJ8CaqzuXWgX/y54nRZT2Lm3Tyg2zsPCVyj4JGFmsUJrb1Xj6C6ZXTab+WrBNsevCbw68QMuVLqLCGuSt4SC8zY8DpWtWPEy0dxUX5tUFXCJokFNqGMV8330dg8c88OFkF0ME+aJ3Bo23YniiZyslVDWr/Nzkbsykyr8VfEV8uE=,iv:U46fOpIzufGktwUAl8ISu+2yxFx9RDNQols5hroL/7c=,tag:fm6C4jjb6HTQP2bnr8Ikuw==,type:str]", "sops": { "kms": null, "gcp_kms": null, @@ -15,8 +15,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSB4cFRKMEQxMnlsZlpWUVMr\nMUtOTjF6RWRZdHdMbzh4ZGpkelc3cEZyRWxrClVOSy9kNXB6OGpVNHhSRnQrdU5y\nV3JiVDNVTThpSTVzSnliY1ZBOFFQY28KLS0tIHd1NEo2VTd0WXJ4eU9KdjlKSHpJ\nOC9XRDhaNmNOOEJoOS8remF6d2szTncKG/uzlIbBX7gFBcUTXzstarnBeiUB0Cdn\nQjT1nFNFGR09WDtJROuTPYS6GFmEmlGwX84dGsIQpIjyN3XPSzsrxQ==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-04-08T22:16:08Z", - "mac": "ENC[AES256_GCM,data:n7/FajYrQhZ8J+3jQ0UZxb6vvcZNImxpCLoPZYhJKxPgdc52u0NxUZnhy+f/JkW+sczZKOTiNA4R8VJLoB+VINRBL3EHBirOu4qyjnMPOk30QP2mpQEcyUDzs2YXh1s0PYsgZJmI74a5kJpHe0OHO/pWGPFwJANJjG69h7o+gCU=,iv:/6wQVsERE5R7FgTbmB40TXMj7QEyXyLlrd+442wS9l8=,tag:ylSM//8UetA7hTgR/RKd+Q==,type:str]", + "lastmodified": "2024-04-25T17:26:01Z", + "mac": "ENC[AES256_GCM,data:0cd3iDduaZ5MPt+tIVvNixjd3WaqBVbh/aRKHGOY/BdkWdZ8jcXIdUIOSy+4AtFhLKBq/+UQNbXwwCdn6gJcVX7ATVB3w2b7YX4KqruKIPOt3UPu3s6GGlnf4xhQhfXYmy/NnAYpNFpAv/eli80S8AK4Nuo7FA2dGgXBqo0OX38=,iv:E5sI0X/0dnuCJ5ZCkpLXpX7dAS5NkxKgAt8JcGCcooI=,tag:Es/SwUeGiB/ewgPfZHuaaA==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.8.1" diff --git a/secrets/hopper/brawlstars b/secrets/hopper/brawlstars new file mode 100644 index 0000000..54294f6 --- /dev/null +++ b/secrets/hopper/brawlstars @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:XWblMpIi2edSjyCDYqJPJlOm4odclXgvSYW5YFYrnzMXUHalWkKhpuJ2/LmlmA6yw+atarnS1FH7CfdBgXooAxFpHx1krmJ+RxnbQ1q+vRSLWXeQnoobUGyIdzluTqbnPzM+Y5z5CQk16pEeSc6iJ/JbCc4dGHeuyNnJNZTkD3WVS9Uz4zBXToBP6/IWr/XPz+gxcaBfbXP/2zdUYWpPpT9xLqGk75INQaf20G8fYv4ThqgMeRe8S6dpWSzF8RptVCY/GAs1agMNm2Ya21W5e4ju3dxYm0dt1wM7lTU2TnLNdeugOtAE5/4H3aIFKlcc4zRS6voUzL658URcYH3HxaOqP6kQCSiV7cc2kS4nb/UvopzlTWlWS0+yxWJkqsrbdOrsgx4YnH5TxL2EirzfqcvfBhLd01q5v+SUGMwKNqTFcc6DcNT09s5PUV2D4xqQJzozWMSrUcVZ3LTQpuXmGzz1TJfozOaz5ZHul6B82Opx/XbJTzbJAXDgBOZfaidsDhGG0oKm+1eOWYIOXNVSoDy1n3fdOIxiOKNzBoxLCFlogmBXICRDhVmMgXydCYHpv8lGxd2uEHHx8YuRWgh44z/TNt94TS/0PBy7Y4A7i/sUUORLVRrNBkIZBTC7kcDItvdS6a0PRaVUUGV6OSDa8QV4FwSZJOBdXhOUUQWmbo1g9I0B3TMzfUdZLG+894PjVwAq5cODMkYcpeoV6xbB27iI/yX5erKfRQ4kGelmPLC1/Y9V2dB1KiPTTQ==,iv:KwJ2aN5mhXJjxL/toMSbRJqvuPgclAWJK5YdoU7us5A=,tag:HQcjTFAtTZrKCXau4/QqSA==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBvRVhvM0I0Uk5uSEQ3TjBv\ncExIS3YxbjRXY0kvd3JyTmhwWHZkaXU1a0Y0CkNmcFFvbS8wL05UM1A5K1M0Y1Bj\nRjYxVFREZjVKMjV4UW5TSlNUZTNrZk0KLS0tIGp6UVBlQzAzYUw5bnNIVjg1WkFN\nQnozRlhUYnVNM2RDdDFlcmFQZk5BQ3cKA8Pjse8ase9Xzg3kd2U8AKotlaIcSdux\nq8EL6rtmYmvpRV02vUYQxWxxj983BtKkR4pndd6o+MBNau4JgdYYEg==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age15mgf89h220puhz48rjpwxwu4n2h4edur60w6cd8gku2hh4e5kqpsghvnyw", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBKeGJFSTJ0WnVkL0MxUUxn\nVWZ2UWFnSHR4a21kbFRtSWJ3NkhJVzlxVG44Cm85VmVpdWFROUFOYm9sUGxZUkg2\ncEljOGllTGRTMlFzRmNPV1B2WThYcWcKLS0tIG9MclVPT3Z2K1RadDR4bEdYbytn\nUVBYRVRjN0pqOXNYZyt5VVA1RVZGNEEKDwlbaCimx8n4FPN3cJ3yR4QE7m3VUBSX\n2o3KmrlRI5/N4CaKuTNI3GjPXUbtrC/+shV1fsqo1tE0XE3U6qB+og==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-05-03T20:12:24Z", + "mac": "ENC[AES256_GCM,data:M+XkQx/Ix5yEEtDoBD9RDYkFXHntkfOIFc4FlJgIXbJcArE52NkLuZSy7ZVvVoByeg6FlHr5Wj5EgHIcpIbUe31GW+2kCNh3LYaqUMRZmtxcP0Hk+4axgo2mCpp4us43W8AHkBu0weJmvQTixBUMXfP39Mdm/Qp3Wz6q+pCNPlY=,iv:mosXJmbrbXWwY5YH8lVG3lNmUZG9XD9yWvmBF+qyVRU=,tag:UWohiixM4e71GyAQCkS3Qg==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/secrets/hopper/cloudflare b/secrets/hopper/cloudflare index 77117e0..9b87785 100644 --- a/secrets/hopper/cloudflare +++ b/secrets/hopper/cloudflare @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:G9ZUq5WuB7iQ0vIASyjKth5Jj3bTDCvnOMiJGJ0fWd5nTOIrUD7cOcgDE9SGAP2W2zlRGh5AftNt0g==,iv:3MCty+L8YjGOfDeEcLeuDlvEqFSjxfv9FzKeTXas/ng=,tag:zMdbKh0HF8EEROmH31Oe1g==,type:str]", + "data": "ENC[AES256_GCM,data:fwRCAES+TxczDPwrdzg6RG87PL1GrwaczA2uzD7PBX2q90ysnf+nFSI=,iv:akE8xpL7Pc4DA0WPMrtoawySxtYhx6L0UhrpkCpgTzw=,tag:c9omuljQ4rxrN4PzMq+MZA==,type:str]", "sops": { "kms": null, "gcp_kms": null, @@ -15,8 +15,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBwc0RSUHYyRWx2ZFVXVEc3\nUjUvZDdmWWJXNWtIWGVWWnNsbFA0OUpiSlE0ClhsaEpGeXpQOThYYmt1NkFLWlpy\nQUIwNERva1pReG5McmloR2gzQ09nWFUKLS0tIFUrSlZMdTFtV2hnL29Ua2lUTkQ0\nWTZTNVI5US81OVNoWndoSHdURE5uc28Kwegugtt4GjCUlj+f/1Dghy7Q1DsD4Vli\nmoPkciYTrbMhngi7n2Ya8+K5JU+q3Rfn0c9TjElEZP40dNiJF6+f/g==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-02-28T19:41:27Z", - "mac": "ENC[AES256_GCM,data:gRyFdTKxS1Cc610nDwIzDtjTyPOlD+SUU5JYprW9V+qZaQC6QGPujfaoXq+uTEKhyt0C/xmNExu7qy8HeCyiWCblV0Dco0RI1wACg0utcmt4g35B3jyLQ8nW7bp7khU1KyxIBuNt4e4j5XfrfcREglbeRdy+Ijz6+LDBxDctyU0=,iv:mRLRAUVBxEI9Fx9O7sMJa6+S85mwaGTbk4u7dxVJj1s=,tag:HCNl+XyHdsxpcOR4ili1SQ==,type:str]", + "lastmodified": "2024-04-13T19:03:19Z", + "mac": "ENC[AES256_GCM,data:G9ZJ4fOek3RPLicg99SFS2HwBBIxqXy1NzOB8USIpjufcB9ncIypVh2ckEOiwSR4CBRIkAjnjnKaCRN0q/fHZhw5dQOwSto6nB+MQ4HMNNTErEK5tmGlN/y79+uGeYBPe7jyhsI6dIksXxHPS8VuMGFdtcXmw+nWjizeuLPP5kQ=,iv:PxP74PTFylp+P2MzNLsaVcilpkBQeYlIieoCpAIBVtE=,tag:mzo2jbPqXP0EpQgMypqvQA==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.8.1" diff --git a/secrets/hopper/default.nix b/secrets/hopper/default.nix index dd48f78..857dda6 100644 --- a/secrets/hopper/default.nix +++ b/secrets/hopper/default.nix @@ -28,6 +28,7 @@ slskd = { format = "binary"; sopsFile = ./slskd; + restartUnits = ["podman-slskd.service"]; }; cloudflare = { format = "binary"; @@ -43,5 +44,31 @@ sopsFile = ./betanin; restartUnits = ["podman-betanin.service"]; }; + + # authelia + authelia_jwt_secret = { + format = "yaml"; + sopsFile = ./authelia.yaml; + key = "jwt_secret"; + }; + authelia_session_secret = { + format = "yaml"; + sopsFile = ./authelia.yaml; + key = "session_secret"; + }; + authelia_encryption_key = { + format = "yaml"; + sopsFile = ./authelia.yaml; + key = "encryption_key"; + }; + authelia_storage_password = { + format = "yaml"; + sopsFile = ./authelia.yaml; + key = "storage_password"; + }; + brawlstars-api-key = { + format = "binary"; + sopsFile = ./brawlstars; + }; }; } diff --git a/secrets/hopper/slskd b/secrets/hopper/slskd index 825af7c..a092175 100644 --- a/secrets/hopper/slskd +++ b/secrets/hopper/slskd @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:e6VeCbqwW0Z/h23HD1TLdb3XPDMSYCV5fgj6/K6796kJBuZUqCdLOGoyzNyuluPGJxMRHPkFNyAZwZ/mf5AeIbXSdY1PoHJpy9V8mAXmVTQdV9E44sXdpq1Uyyp3faKpJs/oxnbWdj85iuiY22AuC5FatreneacPEQkjF0H1Z3yUKvE9G7fWnd7sdypwI9iNZX24G3wx3svL9Biq0vcFfTm/gf9BWO30IkUbLSGSev9taAdMJJpUijU44QsOrRGq6BBr3C+t0v9071r5ydCc7XUFb+EMwjrsM9IMTJ5R5PgbTRzQmj6hpLtKhW/Rv4rvUPdvPrX53OM6lYyXfmbxzGiFhG5c0/OPPzpGH9NLoqSMnbV5+CFFDWYuvJ9UhYetcOwfXopncgFFi1wS+4e+0R/FVzu58OhlYmnzgqrFFQAAM+pVaNTKZjQ6fZaOteTwdfvo75hhnrbTMEfIRad1OO3ffbZef+BkxdWKLfbjsp/3rzN7qD50Qbe2h9qKZxWGK2EmssqfKk5S4ps+vhcCL1J+Bs/04r/aEj6ttDbzKpWb3IJFIMJcwotDcTGAtCsvxZ++Cnp5+Ad7XPNxQlQzylRZXaRd68jvnaxyVjTAIQgcAEDpzHQA83ogmjX4rVMxzM+nhyNkp03tMD3IPBQgutMfCyzts2v+pqaOMz/H6T+PxIOhhEjtsvOUzeS4v20bM8UKw+04CDyFIlZRkKv3UaPZRWyfGqKZ5U/RUr4QMLVp7ppUL4iN11BW82EqZnUqA6/hEQ==,iv:ie2i0xd9/lypeBrGj1IWgUcNTg4IfMoE5luCdETKZ/4=,tag:m82vQYZ1P8uW8zZG0SQx8w==,type:str]", + "data": "ENC[AES256_GCM,data:eWuDg5+I6NvkF1VoAKg84y6zfZA9GJAwO59SLCViXZIH7YgXSGA8B+0lOROHA5j98IUAgPtGqsVT2625LXnUBduQT7ZNc+KieOnWE2mDVzcOu0olCiGmVn98s/M4slsq3P/y3fNpygGSqmlllOrWOu4LlmZrPSrc+5SG+M0asxT6Xs/jxtVjLjB2TwtBykPFJCwARBbVATAcgJeYdSSPi0WaEyozYhBiLoUZPoAKqBCen/jOcIHn3DEzqmpDOr9uSRLai6QKkZNXvPzBao0m4qw+ZnK4cQk52c3bCYXc+kiRFi8bD96h1mdGV6ZiaoQFp4bOs8ZK4dBD21wVB/sW6caf9STd4xBX6x9VUvSkQmFv4f8rmtfdeyREY9rcizSFIQbpyMYiy1LRLS/My6IqymC7ucIy0ntujZyoaW9fOrO4d1tsuJxcb1kR/hJ0hjRfs1oUdTutllTpvi5BBS2Z+gmiDBW/PEwyU6V0t2EADnkU6Y4MQuOSBNC3wwBAI5QsmALhHhcjtB/p+TkwIVPmfHAKnSBBkS0S6f83KpzdoSmAS/tkKwhMCont9b3sivycenb79xgQfeWHgLQ2SwZWreSbiDNIAUIMfoPYRc8DOsWByZoC3W6XLKl4UFH/lvJbv12myA54y4pxd2lVY3xbMNCMGC72G3BYkuIiVYbCRw3WG9dcHaqwtI8YsHmvgkdcyzwBe/GhHnzLX1fppdx6xAViKsl0YGKtpkoAR5Zxf5qNM0ViKbTLa9txetEhcP3J6NKocSCdBFGu+VjPn2x74L/5WlZMXBJ+JcYan8llQbY=,iv:s2WKqWG1hd2OU6wmb2Pz/dHCVoV6eRsEZicKj0v63wo=,tag:iiq/NMotzJB54qclG7XDqA==,type:str]", "sops": { "kms": null, "gcp_kms": null, @@ -15,8 +15,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBOWXNpZlpySndGK1hRR2ZF\nUXdZZVhJVC9YMy96N3BzSVBJQzBOMEliMm1ZCi9ZWTgvOXcxSXdvMldYZXdsbjlX\nc0VDZTZNY3dSUHFMVmNZbWY0dzl4VkkKLS0tIFRtSzhJdFdLVHAzTVdBMmd3T3ho\naDI2WnBnT1FGUkgxQ0NrenpIYWZRM2MKN6hXjBR+jS4UkYy1SS5uHtlHTugfxCwW\nAErlX+kU0g0uBIQbHExNSr0/Xjk+bIRNqSg2O0CfxULxbQRtZrsqMA==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-02-25T04:21:42Z", - "mac": "ENC[AES256_GCM,data:1+cYL3i51lnqB9z1Su5EguF9ppFvR3YS6eEOGCuYA33twDb1CkGpDIWVlYwz9PfJWuzAtOKj+Vv8ho4rQjdgkzEBCG5jvVc+rvo/zeUGlyQ2UtsZGbFeSbYDUYUczkh37fcMPZ09eMCapAmmL0KSBooG9kBaDy/NDL8LKra6WXw=,iv:9PMbaKI0HP5MC/Lsr43k2fxIQDbS6LX6KWyQCH+I3yY=,tag:Qsnm9kdRlrvTjBoh0ey5ww==,type:str]", + "lastmodified": "2024-04-24T17:51:03Z", + "mac": "ENC[AES256_GCM,data:qfQHPzpFgsyi28QEDZt2M1gGiWDbDqVImmyCtqWKbCHme3Lc6Y44G4uD9dQOZqXHQySC2nAbkric2WJ0ozzl1/eiUMMLG8S+yGq84e8/55s+8u81dbHCcZCPSnWMLzSVlWknpG/pjU/Z1lr1/Vj6roHYZtJyEpcTnJBbqQh2NU4=,iv:ja6zyxErPWbq979dBw5YWMbcWkA9tjMGqbqIZZE8QvM=,tag:Pau0HMocJ5HOorpen2gRrQ==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.8.1" diff --git a/secrets/nixdesk/cloudflare b/secrets/nixdesk/cloudflare new file mode 100644 index 0000000..f241745 --- /dev/null +++ b/secrets/nixdesk/cloudflare @@ -0,0 +1,24 @@ +{ + "data": "ENC[AES256_GCM,data:Eb0jA3q6hBv4YuntX0LELXK9bMFrW4QddXaF+HIfEffXSQiOH0fSfKE=,iv:nqyr1YtiHOGFbfm8+QuRLDiBNNLa3QNUYOKkPRueG8I=,tag:XwFR/TkhsxDQpFgal8tj1Q==,type:str]", + "sops": { + "kms": null, + "gcp_kms": null, + "azure_kv": null, + "hc_vault": null, + "age": [ + { + "recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBRamRORTV5OTF6OVhLMHNC\nWUN4cllEQUFPeEI4cmJZeFFKdHErSUYrbHlNCnFWSWNXbC9lejFkTzF4M0lZM2NQ\nZ1BOUGFtQk1RODg0OHp3RDR3KzVSNU0KLS0tIEJwNWIvcFZtdTdkb3VSTkFXMFdz\nZ1JYU09lTkR4ZjJEa1lpOWd0MlI1cFkKKsKAvnhw2v8EOixvKvV7v211Itedg1tw\nRAo5XecUEZyTqKLyEooCTq/KM2X0rR+tFpzo9bt5t6zMwwJc2OwS2w==\n-----END AGE ENCRYPTED FILE-----\n" + }, + { + "recipient": "age155sscpw0x36t6s9usdrz7relpxqrtqnk98mrc7s0qcv2n0v3zd7sfl2xn8", + "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBzaEk2b2c1RXNHNUZpeDM1\nQmJrQXVuT1RrYUJDZFVJYjBOSytUWFhIWnpVCjJtN2lZaXNQZVY0a1ZLeUpFcmVQ\nMTA1Q2VCc2FnWlZGUWd0Z0UyZFVsWDQKLS0tIG50L3hYWkNObVRMZHlxcEJjM1p4\nSHNxbkg1Z0FjeUpDTW1zMGdUbFFodWcK8P0t0q8xvvus7Lcjt1CtwNrGAQlV1mHl\n5O4M4zsJGlQeBqvf/2EZWqy0HkdGqIhUDHeo+ho6P2LgUrGTGdmOFA==\n-----END AGE ENCRYPTED FILE-----\n" + } + ], + "lastmodified": "2024-04-17T20:07:21Z", + "mac": "ENC[AES256_GCM,data:7gs2+Ksd8JFrAAx/rTaQ7W6MLtuWAdoGzA5TtqO6fbiR+cz8UiH2Exr1xbR8sNY0El8P99nnV66M0Yt+ARJP7xd9o4NJYVdOenScISaMFHWW6EjiEWqv/JKI/JoGdXpRObu3LnuRR0rEp36REoc48s68UWwEGnpMdEpdqSZvMqg=,iv:qON9slK2y0W7K9FOwZAkNJhY+91DD4w70aLD9bMPAWs=,tag:8+cQrp6FM7y+76DsrSQndQ==,type:str]", + "pgp": null, + "unencrypted_suffix": "_unencrypted", + "version": "3.8.1" + } +} \ No newline at end of file diff --git a/secrets/nixdesk/default.nix b/secrets/nixdesk/default.nix index 82abe24..adc06fc 100644 --- a/secrets/nixdesk/default.nix +++ b/secrets/nixdesk/default.nix @@ -13,5 +13,9 @@ sopsFile = ./wireguard.yaml; key = "PrivateKey"; }; + cloudflare = { + format = "binary"; + sopsFile = ./cloudflare; + }; }; } diff --git a/secrets/nixdesk/wireguard b/secrets/nixdesk/wireguard index 92da065..640c798 100644 --- a/secrets/nixdesk/wireguard +++ b/secrets/nixdesk/wireguard @@ -1,5 +1,5 @@ { - "data": "ENC[AES256_GCM,data:IzWchx+R3y8ZV5JBNngcyAfm0XyOrDIn7IBQDeW8k0vH1ERjLeLbqb7VMjwFkGO764PfGO4REkbdlGDx1XWcy6vQ4oqiDM8dq5YF+0ttxrby01DGF0owouqsx3a9BzqhcWo+QCvZ3rWKVmLfFub0dfAPaH5Dxiijvetdq7KEM+7nmJS9AueYaQMMgoL8JCQIiUj+zsxwvoJVebDKLeBc0k3yRCIgQFXzQXRt1L99xMaF6wdTz7I9+K+6mAgb9JsuWRlewamaQMcffM/EuRfNIGweSJBQarvIrvEfh5BUVpkzT3OEjEP/mOdxXGe8O0qceoBkWrXete1r68ftHpPc2Bo9zeI7GDb+LZYTh220FZOhbQQ1E6yxUAwen7aJP/im9XNLeQYA8YBY+OwUvngeKLw1tFfPbPzEUfBBOvGXuT1kE6vAp2fa2NAPbqcqIMJRL9ZVZZQQ+4sQyBhf4n/bQshEAwl2aSEo8d4epSPrnRv+zDC00DEvdaAHO+IXs7MP9yXFu4tZ4b6PKhnZGtQ7e4QFHlCocMTr,iv:wVKHb+TI4vUB2nRtqvm7OuATZCuJscz64lHAi7s7ZE4=,tag:Yk06BCYsa3ZkmyS/hXMjrA==,type:str]", + "data": "ENC[AES256_GCM,data:fwjhJg9Tgf1bLSolaOuqNccNibuo8g4P4j1mkiVbsQaE/2+3NxZem0aVPmeoevW2nev3DNt3qFdfpOZX3KXniYJSpIf8mxluB1m2c+Zf51eBg/rQSfNtSljFC++Jjc1RyL1XfVIlxZvq8V26AnJZbH6cqkX+phVsO6J/qSyKEBq+rXIZZO3iwby/II5z8ehYtGPJaliCfwv5FLltPul2p+fySQF4UtUWLEKIAGnN3m81GcaLoQZdIMTsEYowHVjs350xv+oBfGNOK5QHKEUBeU9vxvEbyQTvQ4sIjs4RdncqfPkJJQG90TB95LsBmEIuynhD5NS2S2A3Bk4W0zCRdEugOl6U0+4PeiD3t3DeejWpao55+woEvkItSP8RmiGkGrkj1NavUiGiMNztp94zqD3NAg1RHxRPlW/nf5JjUpwmxRNh2G4lMqxG+zXuRV34FjZmKESsGsrCyXg+WUB0BSkXzVZAuvfHfBnPjrC2yakPKpheSqhBRKMHCUKCZ+ESdDKaGxKX2JYaZuSmUEs=,iv:N8VjPOYF63fa+tpwDaPDz6+hkyiKAvY81yrgcs0QRJE=,tag:qcF8HjEuXdrrzwZ1bxCNyw==,type:str]", "sops": { "kms": null, "gcp_kms": null, @@ -15,8 +15,8 @@ "enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBjL2NSTnVYY05pcVNyT1g4\nT0hvanphU29Dd0dvMXZ4TjdVV2R4WnpxY1JVCmVQVlcwbE9EbmxPZWhTK3RudUJG\nQVhjZ2lzUmo1VjlNejlLejVkSXZhTFkKLS0tIFpaQ1JtTm9NOWIrWFdlZWlDTXBo\nRFVKNVVyRWlxZWtqUHVsVGFsRUtWeW8KHVaiwFMs7wTn7j/PZXqrpEtEJTTRaFi2\nK65QMNkbB8DCvmO950X+lpCkuCHXpTgI+yvzLgD2zvZurlu6h9zZDg==\n-----END AGE ENCRYPTED FILE-----\n" } ], - "lastmodified": "2024-02-12T18:06:06Z", - "mac": "ENC[AES256_GCM,data:BadLvKDJpsBow/+7q41Qz9nWgu+kL2VCvrN/++to0HWr+KquHiFfPZ6QISw/BrYhuqkQf9Spv1Hale88vB9I7By9nLy1D81jkSBg9/p6zKvyMcSUSszaMGdO3L56LvsHhUkA5t3CxsT6jus48Z/HBdKluE10aOwlY3ORI0yQn9U=,iv:ZUqoCno5fHphBbfKYuvOWA5wwdGzxarb5tWJhivNl7Y=,tag:zW7WJe2+SgNpGa1VSTbjSQ==,type:str]", + "lastmodified": "2024-04-17T20:38:26Z", + "mac": "ENC[AES256_GCM,data:TbfcsR134LA02u6/bQRHDYev5AcMj0Tq04SyH78eQu+bg5658qdeAcXX5GD6GvgEBR+O4hghzq3pDoQ8BvMIQDI1kx0YTrH0rSs84j60d4Jjw96KmRMIqvFbBHuvzHfw7+6cnNRJ+lvSv4Xca46XSrviu7UvcUGLBklAfZca8Ls=,iv:TfV52tbDfxnmmWgGWTcCwQp3iWL1PYCkvNrqDp55VP8=,tag:LQZI+BLE5a9FaBrRU6cnGg==,type:str]", "pgp": null, "unencrypted_suffix": "_unencrypted", "version": "3.8.1" diff --git a/system/core/compat.nix b/system/core/compat.nix index 854b2e2..de3b96f 100644 --- a/system/core/compat.nix +++ b/system/core/compat.nix @@ -1,5 +1,6 @@ {pkgs, ...}: { #environment.systemPackages = [pkgs.steam-run]; + environment.systemPackages = [pkgs.appimage-run]; programs.nix-ld.enable = true; programs.nix-ld.libraries = with pkgs; [ diff --git a/system/core/security.nix b/system/core/security.nix index a12d225..a41aa7a 100644 --- a/system/core/security.nix +++ b/system/core/security.nix @@ -55,5 +55,11 @@ # don't ask for password for wheel group sudo.wheelNeedsPassword = false; + + # allow running as any id without them being listed in /etc/passwd + # this might be a security problem but whatever + sudo.extraConfig = '' + Defaults runas_allow_unknown_id + ''; }; } diff --git a/system/core/tools.nix b/system/core/tools.nix index 949f328..3e37907 100644 --- a/system/core/tools.nix +++ b/system/core/tools.nix @@ -6,7 +6,7 @@ wget ripgrep nethogs - ffmpeg + ffmpeg-full parted ]; } diff --git a/system/programs/steam.nix b/system/programs/steam.nix index cad28b2..762e822 100644 --- a/system/programs/steam.nix +++ b/system/programs/steam.nix @@ -1,4 +1,13 @@ -{pkgs, ...}: { +{ + pkgs, + config, + inputs, + ... +}: { + environment.systemPackages = [ + pkgs.protontricks + ]; + programs.steam = { enable = true; remotePlay.openFirewall = true; diff --git a/system/services/containers/experimental/default.nix b/system/services/containers/experimental/default.nix index bb65601..4800350 100644 --- a/system/services/containers/experimental/default.nix +++ b/system/services/containers/experimental/default.nix @@ -12,6 +12,25 @@ dockerSocket.enable = true; }; + security.acme = { + acceptTerms = true; + defaults = { + email = "xunuwu@gmail.com"; + reloadServices = ["podman-caddy.service"]; + }; + certs = { + "xun.cam" = { + dnsProvider = "cloudflare"; + credentialFiles = { + CF_DNS_API_TOKEN_FILE = config.sops.secrets.cloudflare.path; + }; + extraDomainNames = [ + "jellyfin.xun.cam" + ]; + }; + }; + }; + virtualisation.oci-containers = { backend = "podman"; @@ -20,23 +39,31 @@ image = "qmcgaw/gluetun:v3"; volumes = [ "${config.sops.secrets.wireguard.path}:/gluetun/wireguard/wg0.conf" + #"${builtins.toFile "post-rules.txt" '' + # iptables -A INPUT -d 192.168.50.26 -p udp --sport + # ''}:/iptables/post-rules.txt" ]; ports = [ ## This bypasses the firewall ## use 127.0.0.1:XXXX:XXXX if you only want it to be accessible locally - + "127.0.0.1:1389:1389" # openldap + "127.0.0.1:1636:1636" # openldap "127.0.0.1:8191:8191" # flaresolverr "9117:9117" # jackett "5030:5030" # slskd "8096:8096" # jellyfin "8080:8080" # qbittorrent webui + #"80:8336" # caddy + #"443:443" # caddy + #"443:443/udp" # caddy + "8336:8336" # jellyfin ]; environment = { VPN_SERVICE_PROVIDER = "airvpn"; VPN_TYPE = "wireguard"; SERVER_COUNTRIES = "Netherlands"; - FIREWALL_VPN_INPUT_PORTS = "11936,8096,14795"; + FIREWALL_VPN_INPUT_PORTS = "11936,8336,14795"; }; extraOptions = [ @@ -79,6 +106,7 @@ "/media/config/jellyfin/config:/config" "/media/config/jellyfin/cache:/cache" "/media/library:/library" + "/media/downloads:/library/downloads" ]; dependsOn = ["gluetun"]; extraOptions = [ @@ -109,11 +137,132 @@ "--network=container:gluetun" ]; }; + caddy = { + image = "caddy"; + volumes = [ + #alt.xun.cam:8336 { + #tls internal + #reverse_proxy + #localhost:5030 + #} + "${builtins.toFile "Caddyfile" '' + https://jellyfin.xun.cam:8336 { + tls /etc/ssl/certs/xun.cam/cert.pem /etc/ssl/certs/xun.cam/key.pem + reverse_proxy localhost:8096 + } + ''}:/etc/caddy/Caddyfile" + #tls /etc/ssl/certs/cloudflare/cert.pem /etc/ssl/certs/cloudflare/key.pem + #"${config.sops.secrets.xun-cam-cert.path}:/etc/ssl/certs/cloudflare/cert.pem" + #"${config.sops.secrets.xun-cam-key.path}:/etc/ssl/certs/cloudflare/key.pem" + "/var/lib/acme/xun.cam:/etc/ssl/certs/xun.cam" + "/media/config/caddy/data:/data" + "/media/config/caddy/config:/config" + ]; + dependsOn = ["gluetun"]; + extraOptions = [ + "--network=container:gluetun" + ]; + }; + #openldap = { + # image = "bitnami/openldap"; + # environment = { + # "LDAP_ADMIN_USERNAME" = "admin"; + # "LDAP_ADMIN_PASSWORD" = "adminpassword"; + # "LDAP_USERS" = "user01,user02"; + # "LDAP_PASSWORDS" = "password1,password2"; + # }; + # dependsOn = ["gluetun"]; + # extraOptions = [ + # "--network=container:gluetun" + # ]; + #}; + #authelia = { + # image = "authelia/authelia"; + # environment = { + # AUTHELIA_JWT_SECRET_FILE = "/secrets/JWT_SECRET"; + # AUTHELIA_SESSION_SECRET_FILE = "/secrets/SESSION_SECRET"; + # AUTHELIA_STORAGE_POSTGRES_PASSWORD_FILE = "/secrets/STORAGE_PASSWORD"; + # AUTHELIA_STORAGE_ENCRYPTION_KEY_FILE = "/secrets/STORAGE_ENCRYPTION_KEY"; + # }; + # volumes = [ + # "${config.sops.secrets.authelia_jwt_secret.path}:/secrets/JWT_SECRET" + # "${config.sops.secrets.authelia_session_secret.path}:/secrets/SESSION_SECRET" + # "${config.sops.secrets.authelia_storage_password.path}:/secrets/STORAGE_PASSWORD" + # "${config.sops.secrets.authelia_encryption_key.path}:/secrets/STORAGE_ENCRYPTION_KEY" + # "${builtins.toFile "users_database.yml" '' + # them: auto + # default_redirection_url: https://auth.xun.cam:8336 + + # authentication_backend: + # ldap: + # address: 'ldap://127.0.0.1:1389' + # implementation: 'custom' + # timeout: '5s + + # session: + # domain: example.com + + # redis: + # host: redis + # port: 6379 + + # storage: + # postgres: + # host: database + # database: authelia + # username: authelia + + # notifier: + # smtp: + # host: smtp.xun.cam + # port: 8336 + # username: auth@xun.cam + # sender: "Authelia